[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Microsoft moves beyond patches
- To: Valdis.Kletnieks@vt.edu
- Subject: Re: [Full-Disclosure] Microsoft moves beyond patches
- From: Ron DuFresne <dufresne@winternet.com>
- Date: Thu, 2 Oct 2003 16:51:07 -0500 (CDT)
On Thu, 2 Oct 2003 Valdis.Kletnieks@vt.edu wrote:
> On Thu, 02 Oct 2003 11:50:15 CDT, Ron DuFresne said:
>
> > Unless you are promoting host based defense, which is not quite there yet,
> > and an administrative nightmare, I think you'd find a strong argument this
> > is *not* the case, at least at present.
>
> Tell that to all the corporate nets that have been whacked by a worm brought
> in on a laptop, VPN connection, or other similar backdoor.
>
> (yes yes, I know it's a "failure to define perimeter correctly". The fact
> that
> it wasn't defined correctly *IS* the problem with the technology....)
>
nonono, certainly not a problem with the technology, nor the philosophy,
but an implimentation error. Afterall, as you hint, they opend a backdoor
and got slammed by it. I've been for years now saying that VPN's are not
the endall to beall and are used far *too* freely and frequently. Punch a
hole or two in a firewall and it's on it's way to becoming little more
then a standard router.
Thanks,
Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"Cutting the space budget really restores my faith in humanity. It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation." -- Johnny Hart
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html